<?php
if( !defined('IN') ) die('bad request');
/**
 * 控制器的默认方法
 */
function index(){
   forget_pwd();
}

/*
 * 找回密码视图
 */
function forget_pwd(){
    //显示视图
    render('','forget_pwd');
}

/*
 * 找回密码业务实现
 */
function do_forget_pwd(){
    load('my.func.php');
    if (!check_vcode(v('vcode'))) return show_msg('验证码错误！','/?c=member');
    load('utils.func.php');
    load('db.func.php');
    $usermail = strtolower(v('email'));
    $user_mail = s($usermail);
    $userinfo = get_line("select * from member where email='".$user_mail."'");
    if (empty($userinfo['email'])){
        return show_msg('不存在该用户','/?c=member');
    }
    load('cache.func.php');
    //频率检查,防止恶意消耗资源
    if (get_cache($usermail)){
        return show_msg('您的操作频率过快！请稍后重试','/');
    }
    $auth_key = c('auth_key'); //读取密钥
    //加密 用户id + 时间戳
    $code = encrypt($userinfo['userid'].';'.time(),'ENCODE',$auth_key);
    $user_ip = get_real_ip();
    $mail_msg =array('to'=>$userinfo['email'],'ip'=>$user_ip,'nickname'=>$userinfo['nickname'],'code'=>$code,'time'=>time());
    //发送邮件
    $ret = sendmail($mail_msg);
    if ($ret){
        set_cache($usermail,1,60); // 标记 60 秒内已经发送过邮件
        $data['usermail'] = $usermail;
        //显示邮件发送成功的视图
        return render($data,'do_forget_pwd');
    }else{
        return show_msg('邮件发送失败,请重试或者联系客服!');
    }
}

/**
 * ajax function
 * 发送密码重置邮件
 * @return json
 */
function send_pwd_mail(){
    load('my.func.php');
    load('db.func.php');
    load('cache.func.php');
    $info = array('code'=>0,'msg'=>'');
    $usermail = v('mail');
    $sid = v('sid');
    session_id($sid);
    //验证验证码
    if (check_vcode(v('vcode'))){
        //检测60秒内是否进行过密码找回操作
        if (get_cache($usermail)){
            $info['msg'] = '操作频率太快!请稍后重试';
        }else{
            //查询用户信息
            $userinfo = get_line("select * from member where email='".s($usermail)."'");
            if(!$userinfo){
                //不存在该用户
                $info['msg'] = '不存在该用户';
            }else{
                $auth_key = c('auth_key'); //读取密钥
                load('utils.func.php');
                //加密 用户id + 时间戳
                $code = encrypt($userinfo['userid'].';'.time(),'ENCODE',$auth_key);
                $user_ip = get_real_ip();
                $mail_msg =array('to'=>$userinfo['email'],'ip'=>$user_ip,'nickname'=>$userinfo['nickname'],'code'=>$code,'time'=>time());
                //发送邮件
                if(sendmail($mail_msg)){
                    $info['code'] = 1;
                    // 标记 60 秒内已经发送过邮件
                    set_cache($usermail,1,60);
                }else{
                    $info['msg'] = '发送邮件失败,请稍后重试';
                }
            }
        }
    }else{
        $info['msg'] ='验证码错误!';
    }
    ajax_echo(json_encode($info));
}
/*
 * 重置密码视图
 */
function reset_pwd(){
    load('my.func.php');
    //验证用户提交的code
    list($code,$code_data) = check_code(v('code'));
    load('cache.func.php');
    //通过code验证后再判断该code之前是否提交过、没提交过则写入缓存
    if (get_cache($code)){
        return show_msg('链接失效','/');
    }else{
        //code 缓存24小时
        set_cache($code,1,3600*24);
    }
     //显示视图
     render('','resetpwd');
}
/*
 * 重置密码业务实现
 */
function do_reset_pwd(){
       load('my.func.php');
       if (!check_vcode(v('vcode'))) return show_msg('验证码错误！');
       list($code,$code_data) = check_code(v('code'));
       $user_id = $code_data[0];
       load('cache.func.php');
       load('db.func.php');
       // 检测之前是否已经通过该链接执行修改密码操作
       if(get_cache($code)==2) return show_msg('该链接已经失效','/');
       $newpwd = trim(v('password'));
       $conpwd = trim(v('pwdconfirm'));
       if($newpwd && $conpwd){
           if ($newpwd!=$conpwd){
               return show_msg('前后密码输入不一致！');
           }elseif(strlen($newpwd)<6 or strlen($newpwd)>32){
               return show_msg('密码长度不符合要求！');
           }
       }
        $userinfo = get_user_info($user_id);
        if (empty($userinfo['email'])){
            return show_msg('不存在该用户','/?c=member');
        }
       //进行密码加密，默认使用md5加密
       $newpwd = encrypt_pwd($newpwd);
       $sql = "update member set password='".$newpwd."' where userid='".$userinfo['userid']."'";
        //执行修改密码
       if (run_sql($sql)){
           //标记已经通过该code进行密码更新操作
           set_cache($code,2);
           return show_msg('密码更新成功!','/');
       }else{
           return show_msg('密码修改失败!','/');
       }
}

/**
 * ajax function
 * 检查是否存在该邮箱注册的帐号
 * @return json
 */
function checkmail(){
    $usermail = v('mail');
    if(!$usermail) die(0);
    load('db.func.php');
    $user_mail = s($usermail);
    $data = get_line("select email from member where email='".$user_mail."'");
    $code = $data ? 1 :0;
    $info = json_encode(array('code'=>$code,'msg'=>$usermail));
    ajax_echo($info);
}

/**
 * ajax function
 * 校验用户输入的验证码
 */
function checkvcode(){
    $vcode = v('vcode');
    $sid = v('sid');
    session_id($sid);
    $info = array('code'=>0);
    load('my.func.php');
    if (check_vcode($vcode)){
        $info['code'] = 1;
    }
    ajax_echo(json_encode($info));
}
/*
 * 显示验证码
 */
function show_verify(){
    load('captcha.class.php');
    $conf['name'] = 'verify_code'; //存储验证码结果的session key
    $captcha = new Captcha($conf);
    $captcha->show();
}